Changelog
What we’ve shipped, newest first. We update Spamless.dev continuously.
v1.14.0
2026-07-04Configurable impersonation / BEC protection for Pro & Enterprise.
- Impersonation protection: guard against VIP display-name spoofing, look-alike and partner-domain mimicry, and exact-domain spoofing that fails authentication — high-confidence hits are automatically quarantined
- New Impersonation page (Pro & Enterprise): manage the protected people (VIPs) and partner domains, with your own domains protected automatically
v1.13.0
2026-07-02Choose whether to receive proactive domain-health alert emails.
- Alert preferences: account owners can now turn the proactive domain-health alert emails on or off from the Domain health page
v1.12.5
2026-07-02Account and platform security hardening.
- Signing out now clears all cached data in the browser, so a shared device never shows the previous account’s data
- Password-reset requests are rate-limited to prevent reset-email bombing
- Team invitations now expire after 7 days
- Google SSO no longer auto-creates staff accounts unless an allowed-domains list is configured (fail-closed)
- Hardened login against account-enumeration timing, and rejected replayed webhook deliveries
- CSV exports are protected against spreadsheet formula injection
v1.12.4
2026-07-02Sign-up and billing fixes.
- Fixed: customers on a paid (Pro/Enterprise) plan could be unable to log in after paying — sign-up now activates the account correctly
- Revisiting checkout as an existing subscriber now opens the billing portal instead of accidentally starting a second subscription
- Cancelling an old subscription can no longer downgrade an account that has a newer, active subscription
v1.12.3
2026-07-02Stronger protection, better deliverability and reliability.
- Confirmed viruses are now always quarantined, even when sent from an otherwise-trusted sender
- Deliverability: known good senders are no longer repeatedly greylisted
- Bounce and complaint handling is now durable (no events dropped during a brief database hiccup); soft bounces no longer suppress an address
- The spam filter learns more accurately from your allow / quarantine feedback
- Queued mail is no longer lost if a background worker restarts mid-delivery
- Fixed the live-events feed and per-domain webhook event names; old activity logs are now pruned automatically (90-day retention)
v1.12.2
2026-07-02Dashboard fixes.
- The password-reset link now works when you’re signed out (no more bounce back to login)
- Quarantine, allow/block lists and domains pages now show a clear error with a retry when data can’t load, instead of appearing empty
- Removing a domain now asks for confirmation first
v1.12.1
2026-06-26Footer redesigned into four balanced columns (no more empty middle).
- Homepage footer reorganized into Product / Resources / Company / Legal columns across the full width; collapses to two columns on mobile
v1.12.0
2026-06-26Referral program — invite friends, you both get rewarded.
- Shareable referral links (/signup?ref=CODE); referred friend gets the 14-day trial, referrer earns account credit (one month) when the friend subscribes. New "Refer & earn" page with stats; signup banner for referred visitors
v1.11.2
2026-06-26SEO guide page on SPF/DKIM/DMARC, cross-linked with the checker.
- New /guides/email-authentication explainer (SPF, DKIM, DMARC, MTA-STS) for organic search, linked with the free checker and signup. Trilingual
v1.11.1
2026-06-2614-day free trial on paid plans + promo codes signposted.
- Pro/Enterprise checkout now starts a 14-day free trial (no charge until it ends, cancel anytime), shown on the pricing page; promo codes signposted
v1.11.0
2026-06-26Free domain email-security checker — a public lead-magnet tool.
- New /check tool: enter any domain, get a live SPF/DMARC/MTA-STS/MX posture grade with recommendations and a "protect this domain" CTA. Public, rate-limited, no signup. Great for acquisition + SEO
v1.10.1
2026-06-26Landing page: a real "scan your own text" demo powered by the live content analyzer.
- Paste a subject/body on the homepage and get a live score + caught spam signals from the real Layer-3 analyzer. Public, rate-limited, network-free POST /demo/scan (no auth, nothing stored)
v1.10.0
2026-06-26Admin customer/revenue overview, dashboard revenue snapshot, and a social share image.
- New Customers page: every account (owner, plan, status, seats, domains) + totals (estimated MRR/ARR, active paid, plan mix). Requires billing.read
- Revenue snapshot card on the admin dashboard (MRR / active paid / accounts / plan mix)
- Branded Open Graph share image (/og.png) for rich link previews on social/chat
v1.9.1
2026-06-26Fix: customer quarantine was keyed by sender domain, so it looked empty under real traffic.
- Quarantine is now keyed by the protected (recipient) domain, not the sender — so customers actually see their held mail. Caught and verified by a full live E2E (15/15)
v1.9.0
2026-06-26Customer quarantine triage (preview + allow/block), search & pagination, self-service digest, and a 30-day usage trend.
- Quarantine: open a message to see why it was flagged + a safe preview, then Release, Release & always-allow the sender, or Always-block the sender
- Quarantine search (sender/subject) + pagination; new detail endpoint with body preview
- Self-service quarantine digest email per domain (daily / 12h / weekly), owner-configurable
- 30-day processed-vs-blocked usage trend chart per domain
v1.8.5
2026-06-26Cookie settings can be reopened anytime (easy consent withdrawal).
- "Cookie settings" footer link reopens the consent banner with current choices, so consent can be withdrawn/changed as easily as given (GDPR)
v1.8.4
2026-06-26Live chat is now GDPR consent-gated and documented.
- Crisp chat loads only after opt-in via a new dedicated "Live chat" cookie-consent category; off if rejected, loads instantly on consent. Added to the DPA sub-processors (Crisp IM SARL, EU/France) and the Cookie Policy
v1.8.3
2026-06-26Live chat is now active.
- Crisp live-chat widget configured and live on the public and customer pages
v1.8.2
2026-06-26SEO structured data, a public changelog, and PWA basics.
- Homepage JSON-LD (Organization, SoftwareApplication with pricing, FAQ) for Google rich results
- Public /changelog page mirroring the release history, linked from the footer
- PWA web manifest + brand favicon/app icon; "Help" footer link that activates once the Crisp Help Center URL is set
v1.8.1
2026-06-26Live chat (Crisp) and SEO essentials.
- Crisp live-chat widget on public + customer pages (hidden in the admin console); activated via the Crisp website ID
- SEO: robots.txt and sitemap.xml (public pages only), Open Graph + Twitter Card metadata and canonical URL for rich link previews and indexing
v1.8.0
2026-06-26Per-domain spam sensitivity — Relaxed / Balanced / Strict, now actually applied by the engine.
- Set each domain to Relaxed (fewer false positives), Balanced (default) or Strict (catch more) from the Domains page. The engine applies the recipient domain’s thresholds per message (cached, global fallback). Owner-only; effective within ~5 min
- Per-domain thresholds were stored but never applied — every domain used the global thresholds. The verdict path now honours them; presets recalibrated to the real score distribution
v1.7.6
2026-06-26Customers can review and release their own quarantined mail.
- New customer Quarantine page: pick a domain, see held messages (sender, subject, score, date) and release false positives to the inbox in one click. Trilingual (EN/HU/DE)
v1.7.5
2026-06-26Legal pages are now fully trilingual (EN/HU/DE), not just their titles.
- Privacy Policy, Terms, Acceptable Use Policy, Cookie Policy and DPA: the full body (headings, paragraphs, lists, DPA sub-processor table) is now translated to Hungarian and German — previously only the title changed with the language. Links, emails and structure unchanged
v1.7.4
2026-06-26Admin UI audit — audit-log filters/pagination, deletable digest schedules, consistent permission gating.
- Audit Log: filter by action and actor email, and paginate 50 at a time (was: latest 100, no controls)
- Delete quarantine-digest schedules from the admin UI, not just disable them
- Domains and Digest pages now hide write actions from users without permission, matching the rest of the admin UI
- Minor cleanups: encode sender in reputation lookups, removed an unused dashboard query/import
v1.7.3
2026-06-26Data retention is now actually enforced — no silent build-up of stale records.
- A daily background sweep deletes quarantine and archive entries (DB rows + S3 objects) past their configured retention (30 / 365 days) and prunes Stripe webhook-idempotency rows older than 90 days. Previously expires_at was set but never acted on, so metadata rows accumulated indefinitely
v1.7.2
2026-06-26Verdict thresholds simplified and made consistent — effective and correctly calibrated.
- Three clean verdict bands: ACCEPT below the quarantine threshold, QUARANTINE up to the reject threshold (0.85), REJECT above. The quarantine threshold is now the real accept/quarantine boundary (recalibrated to 0.3, where clean mail and spam actually separate); previously it had no effect. Net filtering behaviour is unchanged — the thresholds are just honest now
- The rules-refresh-interval setting is now honoured (was hard-coded to 60s)
- The threshold_accept setting (with only three verdicts it no longer changed delivery; the two meaningful boundaries are quarantine and reject). Per-domain custom thresholds are unaffected
v1.7.1
2026-06-26Plain-language help on the admin Settings page.
- An (i) icon next to every system setting (thresholds, layer weights, AI, operational, notifications) with a non-technical explanation of what it does and the effect of changing it. Trilingual (EN/HU/DE)
v1.7.0
2026-06-26Team / multi-seat — invite teammates to share one billing account.
- Invite teammates by email to share your subscription. Members share the account owner's plan and domains; seat limits per plan (Basic 1, Pro 3, Enterprise 10)
- New Team page: roster, pending invites and seat usage, with revoke and remove-member; invitees set their own password at /accept-invite and join immediately
- Domain, billing and team management stay owner-only; members get full access to quarantine, allow/block lists, usage and stats. Two new branded emails (invitation + team welcome), trilingual
v1.6.1
2026-06-26Customer usage dashboard — a per-domain quota meter for daily and monthly mail volume.
- New "Usage" page: a colour-coded daily-quota meter per domain (today vs the plan limit — amber at ≥70%, red at ≥90% with a "near limit, mail may be deferred" hint) plus this month's volume against the monthly allowance
- New GET /customer/usage endpoint reads the live Redis daily counter and the monthly total from the mail traffic log; trilingual (EN/HU/DE)
v1.6.0
2026-06-26Annual billing — pay yearly and get 2 months free.
- Annual subscriptions: Pro €290/yr and Enterprise €1,990/yr (2 months free). A Monthly/Annual toggle on pricing, the interval carried into signup, and an annual option on the customer billing page
- Backend threads a month|year interval through signup and /billing/checkout into Stripe Checkout; webhooks map both monthly and annual price IDs to the correct plan
v1.5.1
2026-06-26Sales-oriented website copy across the landing page, pricing and signup.
- Landing page repositioned around a business/security outcome (hero, "Start free" CTA), honest trust signals instead of fabricated logos, a real self-serve "How it works", plus new "Why Spamless" and FAQ sections
- Pricing: per-plan taglines, "everything in… plus" framing and a risk-reversal line; signup leads with the outcome and trust microcopy
- Homepage features updated to the real spam-engine capabilities; all copy trilingual (EN/HU/DE)
v1.5.0
2026-06-26Branded transactional email system — 15 responsive, on-brand HTML emails plus the quarantine digest, replacing the old plain-text mails.
- Account & security emails: verification, welcome, password reset, password changed, 2FA enabled/disabled, and a new-sign-in alert from an unknown IP
- Billing emails: payment receipt, failed-payment dunning, subscription canceled
- Onboarding & conversion: domain activated, daily-quota reached, and once-only incomplete-onboarding reminders (verify / pay / add-domain) via a new hourly task
- Differentiating: real-time threat-blocked alerts (throttled per domain) and a weekly security summary per active domain
- Shared brand-styled, responsive, inline-CSS email shell; the quarantine digest restyled to match
v1.4.0
2026-06-26Two-factor authentication (TOTP) for account login.
- Opt-in two-factor authentication (TOTP): enroll from settings by scanning a QR (or entering the key) and confirming a code; at login an enabled account must enter a 6-digit authenticator code after its password
- The second factor is only revealed after correct credentials, wrong codes count toward the brute-force limiter, and disabling 2FA requires a current code
v1.3.1
2026-06-25More operations hardening: a public status page, an ops dashboard, and a verified backup-restore drill.
- Public status page (/status) — live health of the API and its dependencies (database, cache, object storage), auto-refreshing every 30s
- CloudWatch ops dashboard — ALB, ECS, RDS and SMTP NLB metrics in one view
- Backup-restore drill script — verifies the RDS point-in-time window and S3 versioning, and can run a real PITR restore to a throwaway instance (recoverability verified)
v1.3.0
2026-06-25Completes the self-service customer journey, adds detection-quality controls, and hardens operations.
- Self-service domain onboarding — customers add, verify (auto-activating once their MX points to us) and remove their own domains, with per-plan limits (basic 1 / pro 5 / enterprise 100). No admin needed
- Allow / block lists — per-domain, customer-managed: allow-listed senders are never blocked (fewer false positives), block-listed senders are always rejected; wired into the L6 rules engine
- Animated About page (/about) spotlighting the lead developer, Gábor Lepsényi
- CI now auto-deploys the frontend on push (build → S3 → CloudFront invalidation) — web changes no longer need a manual deploy
- CloudWatch alarms + SNS email alerting for ALB/API, ECS task count, RDS CPU & storage, both Postfix MTAs and the SMTP NLB
- Homepage pricing aligned with the live plans (EUR, per-day quotas); all CTAs route into the signup flow; removed dead footer links
v1.2.1
2026-06-25Fixed the frontend deployment so changes to the web app actually go live.
- The web app was built with an empty API URL and synced to the wrong S3 bucket, so app.spamless.dev never updated and the signup/pricing/legal pages 403’d in the browser. The deploy now targets the correct bucket, builds with the real API URL, and invalidates the right CloudFront distribution; homepage pricing CTAs route into the signup flow
v1.2.0
2026-06-25Legal & compliance layer with a GDPR cookie-consent banner — terms, privacy, cookie policy, acceptable use, DPA and imprint, all matching the site design.
- GDPR cookie consent banner (Accept all / Reject non-essential / Preferences). Strictly-necessary storage always on; monitoring (Sentry) loaded only after consent — Sentry init is gated on the stored choice
- Legal pages with EN/HU/DE chrome: Cookie Policy (/cookies), Acceptable Use Policy (/aup), Data Processing Agreement + sub-processor list (/dpa), and an Imprint (/imprint) with operator details, NAIH and EU ODR
- Footer links all six legal documents from every page and the homepage
- Privacy Policy and Terms reworked: GDPR legal bases, NAIH, Hungarian + EU governing law, billing/refunds and cross-links; documents now name the operating entity, Codius Kft.
v1.1.1
2026-06-25Security hardening of the registration and billing flows, following an adversarial review.
- Login brute-force / credential-stuffing protection — per-email (10) and per-IP (50) failed-attempt limits over 15 minutes; further attempts get HTTP 429. Counters increment on failure only and clear on success
- Signup abuse protection — per-email (3/h) and per-IP (10/h) limits (anti email-bombing / Stripe-customer spam); re-signup of a pending account no longer overwrites its password (closes a pending-account takeover)
- CORS locked to the web app origin instead of "*" with credentials
- Password hashing raised to PBKDF2-HMAC-SHA256 600k iterations (OWASP 2023); existing hashes still verify and upgrade transparently on next login
v1.1.0
2026-06-25Self-service registration and Stripe subscription billing — customers can sign up, verify their email, pick a plan and pay, all without us. (Stripe runs in test mode until live keys are added.)
- Self-service signup: public pricing + signup with plan selection and email verification. Accounts activate on email verify (free Basic) or on payment (paid plans) — is_active stays the single login gate
- Stripe subscription billing: Checkout for paid plans, the Stripe customer portal for self-management, and a signature-verified idempotent webhook that activates the account and propagates the plan to the customer’s domains
- Plans: Basic free (1k mail/day), Pro €29/mo (10k/day), Enterprise €199/mo (100k/day); daily quota enforced at evaluation (over-quota mail deferred with TEMPFAIL, never dropped)
- Customer billing page (current plan, renewal, upgrade / manage) and a pricing page, trilingual EN/HU/DE
- Stripe API + webhook secrets in AWS Secrets Manager (never in source/state); ECS execution role scoped to exactly those. The webhook is JWT-free but verified by Stripe signature on the raw body
v1.0.1
2026-06-25Spam-engine intelligence upgrade — three stubbed pipeline layers now run on real, externally-fed signals (Bayesian, Spamhaus, MalwareBazaar, GeoIP, domain age), each fail-safe and tuned for a low false-positive rate.
- Trainable Bayesian classifier (L5) — a Redis-backed Graham/Robinson model shared by the engine and the feedback loop; every admin spam/ham report now trains it, with a seed word-list fallback until enough mail is learned (cold-start unchanged)
- Spamhaus DBL via DQS (L4) — authenticated domain-blocklist queries; only real 127.0.x.x listings count, so service error codes never cause a false hit
- Attachment hash reputation (L4) — abuse.ch MalwareBazaar flags known-malware attachments by SHA-256
- GeoIP origin country (L2) — MaxMind GeoLite2 resolves the connecting IP into a country tag (feeds the dashboard, rules and the Bayesian model) plus a conservative ccTLD-vs-origin mismatch signal
- Domain age (L2) — live RDAP lookup scores freshly-registered sender domains
- L5’s static seed-word "Bayesian" stub and the always-False GeoIP placeholder are replaced by the live classifiers above
- Three new API keys (MaxMind, MalwareBazaar, Spamhaus DQS) injected via AWS Secrets Manager; the ECS execution role reads exactly those secrets — no key value in source or Terraform state
- Every external signal is fail-safe: a missing key, network error or bad input degrades gracefully (GeoIP → unknown, DBL → public mirror, hash → no-op) and never blocks or misclassifies mail
v1.0.0
2026-06-25Production GA — live on AWS with a highly-available MX gateway, full deliverability hardening, the v2 UI, AI analysis, and the complete MX-gateway feature set. Everything since v0.5.0.
- Production AWS infrastructure as code (Terraform): VPC, RDS PostgreSQL 16, ElastiCache Valkey 8.1, S3, ECS Fargate, ALB (HTTPS), NLB (SMTP:25), Postfix MTA, CloudFront, Route 53, ACM, Secrets Manager, AWS Bedrock — remote S3 state, no-drift
- High availability — two Postfix MTAs in separate AZs behind the NLB (cross-zone), each with its own Elastic IP; inbound mail survives an instance or AZ failure
- Email deliverability — SPF, DKIM (OpenDKIM), DMARC, forward-confirmed rDNS, a trusted Let’s Encrypt MX certificate with auto-renewal, MTA-STS (enforce) and TLS-RPT
- AI spam analysis via AWS Bedrock (Amazon Nova) — content-aware scoring in the pipeline
- DMARC aggregate-report dashboard with automated ingestion (RUA mail → parser → /dmarc/ingest)
- Email continuity — accepted mail is spooled and retried with exponential backoff when a customer origin is down (admin UI + dead-letter queue)
- Safe Links — time-of-click URL rewriting/protection with a warning interstitial
- Quarantine digest — scheduled summary emails per domain with one-click release (admin UI)
- Self-service customer portal — domain-scoped CUSTOMER role for quarantine and stats
- CSV export for decisions and traffic logs
- Content-spam detection — L3 spam-phrase signal so text lottery/pharma/scam mail is quarantined, not just structural threats
- Automated onboarding → Postfix relay-map sync: a newly onboarded domain is accepted + relayed within ~2 minutes, no manual step
- CI/CD auto-deploy — GitHub Actions CI → multi-arch image build → ECS rollout with health checks and circuit-breaker auto-rollback
- v2 UI — shadcn/ui redesign, brand gradient, trilingual EN/HU/DE; Sentry error monitoring (frontend + backend)
- ECS Fargate migrated to ARM64/Graviton for cost/performance; all images are multi-arch (amd64+arm64)
- Default UI language is now English
- Outbound mail relays through the fixed-IP Postfix MTAs (stable IP + rDNS for deliverability)
- Spam filtering was failing open — the content filter couldn’t reach the API (HTTP→HTTPS redirect + an unquoted API-key header), so every message was relayed unfiltered; every inbound message is now scored by the 7-layer pipeline before relay
- A single pipeline-layer error no longer 500s the whole evaluation (typed per-layer error results)
- Onboarding DNS instructions showed a dev placeholder (mx.spamsaas.local) and a non-existent SPF include; now mx.spamless.dev + include:spamless.dev
- Inbound STARTTLS had no certificate ("No server certs available") so TLS senders dropped; fixed with the Let’s Encrypt cert
- Content-filter re-injection mail loop (sendmail -G re-triggered the filter); clean mail is now re-injected via a dedicated no-filter port
- Test suite repaired (metrics_agent relative symlink, per-test async-client reset, content-spam scoring) — CI is green again
- MTA-STS enforce + TLS-RPT — downgrade protection for inbound mail to a trusted, validated MX
- Closed the open relay (reject_unauth_destination + relay_domains)
- Retry-queue and DMARC-ingest admin APIs require authentication
- Secrets in AWS Secrets Manager; least-privilege IAM (scoped Bedrock invoke, Route 53 ACME, DKIM key)
v0.5.0
2026-02-14CI/CD pipeline with GitHub Actions, staging environment, blue/green deployments, and automatic rollback.
- Full CI/CD pipeline — 4 GitHub Actions workflows: lint+test, build+push, deploy-staging, deploy-production
- Staging environment — separate ECS cluster, ALB host-header routing, isolated database and Redis
- ECS deploy script — blue/green rolling deployment with circuit breaker auto-rollback and health check polling
- GitHub OIDC authentication — keyless AWS access from GitHub Actions (no stored credentials)
- Production deploy requires manual approval via GitHub environment protection rules
- Docker image tagging: latest for main, staging for staging branch, sha-<commit> for every build
v0.4.0
2026-02-09Pipeline consolidation: unified entry point, decision log everywhere, relay retry queue with DLQ.
- Decision log consolidation — spam-engine now writes to decision_log and records metrics on every verdict, matching policy-api; all emails visible in Dashboard and Grafana regardless of entry point
- Relay retry queue — accepted emails that fail relay are stored in S3 and retried with exponential backoff (5s→1h, max 10 attempts) and dead letter queue
- Retry queue background worker — runs inside spam-engine, polling every 15s for items ready for redelivery
- Retry queue admin API — GET /admin/retry-queue/stats, GET /admin/retry-queue/dlq, POST /admin/retry-queue/dlq/{id}/retry
- Both entry paths (SES→Lambda→policy-api and SMTP→spam-engine) now produce identical decision_log + metrics records
- SES is used for inbound email reception only; system notifications use the EC2 Postfix relay
- spam-engine Docker image now includes all services for cross-service imports (decision_log, metrics_agent, retry_queue, onboarding)
- Emails lost on relay failure — previously the spam-engine returned 250 OK even when relay failed, silently dropping the email
v0.3.0
2026-02-09Webhooks, real-time alerting, enhanced dashboard with live charts, and Prometheus monitoring.
- Event dispatcher — lightweight in-process pub/sub that decouples pipeline events from consumers (webhooks, alerts, SSE)
- Webhook system — register HTTP endpoints per domain with HMAC-SHA256 signing, exponential backoff retry, and dead letter queue
- Webhook admin page (/admin/webhooks) — full CRUD interface with event filtering, test delivery, and delivery log
- Alert notifications — multi-channel alerting via Discord webhooks, email, and webhook events
- Notification settings — Discord webhook URL, email recipients, and channel toggles in Settings
- Server-Sent Events (/events/stream) — real-time event streaming for the dashboard
- Dashboard trend chart — stacked area chart showing verdict distribution over 24 hours using recharts
- Top senders panel — most active senders with volume, average score, and dominant verdict
- Live event feed — SSE-powered real-time feed on the dashboard
- Prometheus metrics endpoint (/metrics/prometheus) — proper exposition format
- Spam-engine HTTP metrics sidecar on port 9100
- Enhanced Grafana dashboards — 7 new panels: spam ratio gauge, message rate, per-layer latency, relay success rate, AI usage, 7-day trend
- Prometheus scrape config now points to /metrics/prometheus (was /metrics/summary JSON)
- WebhookService uses httpx instead of aiohttp for consistency
- Dashboard page fully reworked with charts, live feed, and top senders
- WebhookService _deliver was reading URL from payload (always empty) — now uses dedicated url field from WebhookConfig
- WebhookService dispatch now accepts string event types from the event bus
v0.2.0
2026-02-08Runtime configuration system, AI-powered analysis with AWS Bedrock, and domain management improvements.
- Runtime settings system — database-backed configuration with Redis caching; no redeployment needed to change parameters
- Admin settings page (/admin/settings) — live configuration UI with sliders, toggles, and grouped categories
- AI-powered spam analysis (BETA) — Layer 7 using AWS Bedrock (Amazon Nova Lite) for intelligent content classification
- Domain management — active onboarded domains now appear on the Domains page with pause/resume controls and inline editing
- Proxy headers middleware — ensures HTTPS redirects behind ALB/CloudFront
- Next.js prefetch guard — returns 404 for leaked internal prefetch requests
- Comprehensive project documentation (PROJECT.md)
- activate_domain now allows activation from both DNS_VERIFIED and PAUSED states
- CloudFront behaviors use specific API sub-paths instead of broad patterns
- 503 on /admin/settings — CloudFront broad pattern intercepted frontend page loads
- Mixed Content errors — FastAPI redirects used http:// behind HTTPS proxy
- 401 on Next.js prefetch — internal static file requests hit API auth middleware
- System not receiving emails — AIAnalysisLayer missing super().__init__() caused AttributeError during exception handling
- AI settings not updating — seed_defaults() ON CONFLICT DO NOTHING prevented overwrites; added migration logic
v0.1.0
2026-02-05Initial release with 7-layer spam pipeline, admin dashboard, domain onboarding, and full AWS infrastructure.
- 7-layer spam analysis pipeline — Connection, Identity (SPF/DKIM/DMARC), Envelope, Content, Intelligence, Behavioral, Custom Rules
- SMTP content filter — aiosmtpd integration with Postfix on port 10025
- Policy evaluation API — POST /policy/evaluate with full score breakdown
- Email quarantine — S3 storage, release-and-forward, false positive recording
- Admin dashboard — stat cards, verdict distribution, recent decisions
- Rule management — whitelist, blacklist, and score adjustment rules with CRUD
- Domain onboarding — DNS verification wizard (MX, SPF, DKIM), automatic relay config
- JWT authentication — login, token refresh, password change, RBAC (super_admin, admin, viewer)
- Google SSO — OAuth 2.0 login with automatic user provisioning
- Decision logging — every verdict stored with full score breakdown
- Mail traffic and delivery logging
- Admin audit trail — automatic logging of all API actions
- EC2 Postfix relay — dedicated outbound relay with Elastic IP, PTR record, proper HELO
- AWS infrastructure — ECS Fargate, RDS PostgreSQL, ElastiCache Redis, ALB, CloudFront, SES, Route 53
- Email flagged as spam (SpamAssassin 9.7) — routed through EC2 Postfix relay with fixed IP and PTR record
- SRS sender address visible to recipients — removed SRS entirely
- Mail loop (Postfix→SES→Postfix) — added transport map for direct delivery
- TLS certificate errors on internal relay — implemented multi-strategy connection
- Whitelist rules not working — added periodic rule refresh (60s) with Redis cache